InfusionPoints Achieves FedRAMP 20x Moderate (Class C): What It Means for the Future

In this special announcement episode of Behind the Shield, we’re sharing a major milestone for InfusionPoints and what it signals for the future of federal cloud security. Chad Spears and Tanner Bailey break down our FedRAMP 20x Moderate (Class C) achievement, what it took to get here, and why this moment matters not just for us, but for cloud service providers, agencies, and the broader FedRAMP ecosystem. This isn’t just another certification, it’s proof that the shift from traditional, point-in-time compliance to continuous validation is not only possible, but already happening. Throughout the conversation, we unpack how FedRAMP 20x is transforming the way security is demonstrated, moving away from static documentation and toward real-time, machine-readable evidence through Key Security Indicators (KSIs). We also dive into the internal journey behind this achievement, from early automation efforts and platform development to navigating the evolving expectations of the PMO and participating in the 20x cohort process. You’ll hear firsthand how this approach changes the experience for both providers and assessors, creating a more collaborative, transparent, and efficient path to authorization. We also explore what this means from a business perspective, including faster time to market, reduced friction in the authorization process, and a clearer path for organizations looking to enter the federal space. Whether you're actively pursuing FedRAMP, evaluating your path to 20x, or simply trying to understand where the program is headed, this episode offers practical insights, real-world lessons learned, and a clear view into what comes next. Chapters: 0:10 Introduction and Special Announcement 0:45 Certification Achievement 1:23 Significance of 20X Certification 2:45 Customer Impact and FedRAMP Framework 6:07 Understanding FedRAMP Designations 11:48 Journey to 20X Certification 18:30 Team Effort and Continuous Validation 18:47 Customer Benefits of 20X Certification 19:02 Platform as a Service and FedRAMP 19:29 Security Controls and KSI's 20:25 Speed to Market with XB40 21:53 Webinar and Education Initiatives 22:48 Upcoming Webinar Details 26:22 Team Recognitions and Shoutouts 30:57 Closing Remarks What You’ll Learn: • What achieving FedRAMP 20x Moderate (Class C) actually means • Why this milestone is important for CSPs and federal agencies • How FedRAMP 20x is shifting compliance to continuous validation • The real business impact of faster authorization timelines • How automation and KSIs replace traditional audit processes • What makes this approach different from Rev. 5 assessments • How InfusionPoints approached the 20x journey internally • What this means for customers looking to enter the federal market • Why this proves the transition from Rev. 5 to 20x is possible Resource Links: https://www.fedramp.gov/rfcs/ FedRAMP 20x Community Update-    • FedRAMP 20x Community Update   InfusionPoints Links: https://xbu40.com/ 20x Quick Look Assessment- https://xbu40.com/assessment 20x Webinar Series | Session 1-    • FedRAMP 20x Explained- What CSPs Need to K...   20x Webinar Series | Session 2 Registration- https://xbu40.com/20x-cohort/april-28-26 Chad Spears-  / chad-spears007   Tanner Bailey-   / tanner-b-37a50a132     / infusionpoints   https://infusionpoints.com/ InfusionPoints & AWS: InfusionPoints is proud to be an Amazon Web Services Premier Tier Services Partner, supporting organizations in building, managing, and defending secure cloud environments. About Us: InfusionPoints is a trusted cybersecurity, cloud engineering, and compliance partner helping organizations Build, Manage, and Defend secure, mission-ready environments in highly regulated markets. We specialize in FedRAMP, FedRAMP 20x, DoD, and enterprise security frameworks, supporting organizations from initial authorization through continuous monitoring and optimization. Our team brings deep technical expertise and real-world operational insight to every engagement. Through our independent, security-first approach, we integrate people, processes, and technology to deliver scalable, compliant, and resilient solutions. From strategy and architecture to operations and defense, we help customers move faster without sacrificing security.